6abd60072b29309a0418b516a0b165e7d3fa30f8d14c05b2d6dfa02bc520e48a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51fa4b166f7ee4a2ea7351a5d9bb8ce4.bin.exe
Size

1.2MB
Sample

230714-z2gwwaga93
MD5

51fa4b166f7ee4a2ea7351a5d9bb8ce4
SHA1

4689118d9489a7db6d64e037714d6fbe93a8b36e
SHA256

6abd60072b29309a0418b516a0b165e7d3fa30f8d14c05b2d6dfa02bc520e48a
SHA512

994072e262ade749cb907e7619a043f40790989ad036f08dd379573627161637c2b25de9cc448f819005d421e20c7e60d4c942c001fb7f23b1eecd047eb838d7
SSDEEP

12288:bSIwnXZDpCZ+6VPwEiuHYQiBdu9y/uaen12qFpB1pYg76C+74CxO5g51TP7DlV1:WbfEiDtNiVp/m705g51TP7DL1

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  51fa4b166f7ee4a2ea7351a5d9bb8ce4.bin.exe
- Size
  
  1.2MB
- MD5
  
  51fa4b166f7ee4a2ea7351a5d9bb8ce4
- SHA1
  
  4689118d9489a7db6d64e037714d6fbe93a8b36e
- SHA256
  
  6abd60072b29309a0418b516a0b165e7d3fa30f8d14c05b2d6dfa02bc520e48a
- SHA512
  
  994072e262ade749cb907e7619a043f40790989ad036f08dd379573627161637c2b25de9cc448f819005d421e20c7e60d4c942c001fb7f23b1eecd047eb838d7
- SSDEEP
  
  12288:bSIwnXZDpCZ+6VPwEiuHYQiBdu9y/uaen12qFpB1pYg76C+74CxO5g51TP7DlV1:WbfEiDtNiVp/m705g51TP7DL1
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2